24 matches found
Windows BITS Persistence Tool
This script implements a BITS-based persistence mechanism with an embedded HTTP server and remote payload delivery for Windows...
EUVD-2020-11999
Malware in sbrugna...
CVE-2020-1255
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service BITS IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'...
CVE-2020-1112
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service BITS IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'...
CVE-2020-0787
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service BITS improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'...
New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication
Cybersecurity researchers have discovered a previously undocumented Windows backdoor that leverages a built-in feature called Background Intelligent Transfer Service BITS as a command-and-control C2 mechanism. The newly identified malware strain has been codenamed BITSLOTH by Elastic Security Lab...
Hackers Using a Windows OS Feature to Evade Firewall and Gain Persistence
A novel technique adopted by attackers finds ways to use Microsoft's Background Intelligent Transfer Service BITS so as to deploy malicious payloads on Windows machines stealthily. In 2020, hospitals, retirement communities, and medical centers bore the brunt of an ever-shifting phishing campaign...
Back in a Bit: Attacker Use of the Windows Background Intelligent Transfer Service
In this blog post we will describe: How attackers use the Background Intelligent Transfer Service BITS Forensic techniques for detecting attacker activity with data format specifications Public release of the BitsParser tool A real-world example of malware using BITS persistence --- Introduction...
The vulnerability of the Microsoft Internet Information Server (IIS) server allows for unauthorized access by attackers, enabling them to escalate their privileges. This vulnerability is related to the Windows Background Intelligent Transfer Service (BITS), which operates on Windows operating systems.
The vulnerability of the Microsoft Internet Information Server IIS server, due to the Windows Background Intelligent Transfer Service BITS, affects operating systems running on Windows. This vulnerability is related to file operation processing errors. Exploiting this vulnerability can allow an...
Background Intelligent Transfer Service CVE-2020-0787 - Privilege Escalation
This Metasploit module exploits CVE-2020-0787, an arbitrary file move vulnerability This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Background Intelligent Transfer Service Arbitrary File Move...
Background Intelligent Transfer Service Arbitrary File Move Privilege Elevation Vulnerability
This module exploits CVE-2020-0787, an arbitrary file move vulnerability in outdated versions of the Background Intelligent Transfer Service BITS, to overwrite C:\Windows\System32\WindowsCoreDeviceInfo.dll with a malicious DLL containing the attacker's payload. To achieve code execution as the...
Microsoft Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability
Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. An elevation of privilege vulnerability exists in the IIS module of the Microsoft Windows Background Intelligent Transfer Service BITS, which arises from the program's failure to...
KLA11806 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, cause denial of service, bypass security restrictions. Below is a complete list of...
The vulnerability of the Windows Background Intelligent Transfer Service, a file transfer service between the client and the HTTP server, allows a hacker to escalate their privileges.
The vulnerability of the Background Intelligent Transfer Service BITS for file intelligent transfer between clients and Windows HTTP servers in operating systems like Windows is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to enhance...
KLA11773 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, cause denial of service, execute arbitrary code, bypass security restrictions, spoof user interface. Below is a complete list of...
KLA11777 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of...
CVE-2020-0787
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service BITS improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'...
KB4540670: Windows 10 Version 1607 and Windows Server 2016 March 2020 Security Update
The remote Windows host is missing security update 4540670. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when the Windows Device Setup Manager improperly handles file operations. An attacker who successfully exploited this vulnerability...
PT-2020-1912
Name of the Vulnerable Software and Affected Versions Windows Background Intelligent Transfer Service BITS versions prior to the fixed version Description The issue is related to errors in handling symbolic links that display paths to files and directories. This can allow an attacker to elevate...
LOLBITS - C# Reverse Shell Using Background Intelligent Transfer Service (BITS) As Communication Protocol
LOLBITS is a C reverse shell that uses Microsoft's Background Intelligent Transfer Service BITS to communicate with the Command and Control backend. The Command and Control backend is hidden behind an apparently harmless flask web application and it's only accesible when the HTTP requests receive...